package com.t282.crm.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit4.SpringRunner;

@SpringBootTest
@RunWith(SpringRunner.class)
public class ShiroTester {
    @Test
    public void testShiro(){
        //1.配置Realm（安全数据源）
        //通过shiro.ini配置文件创建Realm
        IniRealm realm = new IniRealm("classpath:shiro.ini");
        //2.配置SecurityManager
        DefaultSecurityManager securityManager = new DefaultSecurityManager();

        //注入创建的Realm（安全数据源）
        securityManager.setRealm(realm);
        SecurityUtils.setSecurityManager(securityManager);
        //3.操作Subject，进行认证
        Subject subject = SecurityUtils.getSubject();
        //封装一个令牌
        UsernamePasswordToken token = new UsernamePasswordToken("admin","123456");
        try {
            subject.login(token);   //登录，即认证
        }catch (AuthenticationException e){
            System.out.println("认证异常：");
            e.printStackTrace();
        }
        System.out.println("是否通过认证：" + subject.isAuthenticated());
        System.out.println("身份信息：" + subject.getPrincipal());
        System.out.println("是否为管理员角色：" + subject.hasRole("管理员"));   //判断是否为某个角色
        System.out.println("是否能操作用户查看功能：" + subject.isPermitted("user:view")); //判断是否拥有某权限
        //也可使用check方法判断是否拥有某权限，但是失败情况下会抛出UnauthorizedException异常
        subject.checkPermission("user:view");
    }

    @Test
    public void testMd5Hash(){
        String password = "admin";
        String salt = "czkt";
        Md5Hash md5Hash = new Md5Hash(password,salt);
        System.out.println(md5Hash.toString());
    }
}
